DNSSEC server failure with trstech.net

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Nov 6 13:29:06 UTC 2008


On Thu, Nov 06, 2008 at 02:15:59PM +0100,
 Gilles Massen <gilles.massen at restena.lu> wrote 
 a message of 38 lines which said:

> That seems to be the issue: trstech.net has an DLV entry.

Right! I completely missed it. Thanks.

> It kind of illustrates that once you've gone the dnssec path, it
> hard to go back again...

It illustrates also that DNSSEC is a very good way of DoSing yourself.

Probably, Unbound had no problem because it was not configured to use
DLV.


More information about the bind-users mailing list